Cryptomining: The Latest Plague

In early 2017, the average business was subjected to ransomware every 40 seconds. These malicious programs encrypt your files and demand a ransom payment in cryptocurrencies to restore them. It seemed like everyone was talking about ransomware, thanks to the massive publicity it received when some big-name corporations fell victim to it: pharmaceutical giant Merck, Los Angeles-based hospital system Hollywood Presbyterian Medical Center, and leading aerospace innovator Boeing, just to name a few. All in all, it’s not surprising that the payments made to ransomware creators are in the billions.

By December 2017, ransomware represented only approximately 10 percent of infections. The question becomes “why?” The answer is relatively simple: these criminals are smart. In 2018, a new attack has risen to popularity under the moniker “cryptomining”. In a nutshell, cryptomining is the stealthy, unauthorized use of system resources to mine cryptocurrencies for an attacker.

With ransomware, you’ll know something is wrong – your system will lock up and there will be a lovely red screen staring back at you demanding money in the form of Bitcoin. Over the course of time, many businesses did their due diligence to develop extensive backup systems and disaster recovery environments which significantly reduced the effectiveness of ransomware. Businesses trended towards no longer needing to pay the ransom in the event of an infection. However, this required one important condition – the ability to detect it. Malicious cryptominers don’t give you that luxury.

Cryptomining doesn’t need to strong-arm your business into paying a hefty fee. Instead of making every system in an environment unusable until a ransom is paid, cryptomining continuously generates money for hackers while the end users are none the wiser. The only thing you as the end user might notice is a slight loss in system performance, and even that is often not noticeable.

These are only a few examples of the multitude of attacks that plague businesses daily. What steps can you take to protect yourself from being next? Even where proper network security appliances, best-practice security policies, user education, and even ad-blockers are in place, antivirus solutions are often overlooked as a last line of defense.

Properly maintained antivirus solutions require a lot of time and diligence to keep up with the ever-changing catalog of variants being developed to evade detection. The number of unique cryptominer variants was approximately 142,000 as of June. Consumer-grade “set and forget” antivirus solutions often go weeks, months, or even years without proper upkeep. Cyber-crooks don’t wait for you to catch up. Monitoring platforms, managed antivirus solutions that can provide constant signature and engine upgrades, and a team dedicated to quickly extinguishing any potential threat can go a long way toward ensuring your business safely stays ahead of the curve.